Code cleanups and security improvements#37
Code cleanups and security improvements#37moshekaplan wants to merge 42 commits intoscummvm:integrityfrom
Conversation
Add dependabot
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.6 to 46.0.3. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@45.0.6...46.0.3) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.4.1 to 9.0.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.4.1...9.0.0) --- updated-dependencies: - dependency-name: pytest dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [cffi](https://github.com/python-cffi/cffi) from 1.17.1 to 2.0.0. - [Release notes](https://github.com/python-cffi/cffi/releases) - [Commits](python-cffi/cffi@v1.17.1...v2.0.0) --- updated-dependencies: - dependency-name: cffi dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Add pytest
Bump cffi from 1.17.1 to 2.0.0
…github/workflows/actions/setup-python-6 Bump actions/setup-python from 5 to 6 in /.github/workflows
…github/workflows/actions/checkout-5 Bump actions/checkout from 4 to 5 in /.github/workflows
Bump cryptography from 45.0.6 to 46.0.3
Bump pytest from 8.4.1 to 9.0.0
Add typing job (with failure)
Clean arg parsing
args.limit_timestamps
Remove engine_last var
demonstrate enumerate
Improve logging
Update typing.yml
Move file validation to separate function
tunnelsociety
left a comment
tunnelsociety
left a comment
There was a problem hiding this comment.
Hi, I am a beginner who is interested in this work. I have a lot of comments and questions but I am not a ScummVM team member, just some person; I'll defer to the team before commenting on certain aspects of this PR.
If it's ok, I am asking a few questions to learn about the code and changes.
(And I just wanted to indicate minor typo in a73f457 commit msg, but not sure of the most polite way to do that 😄)
| jobs: | ||
| type-check: | ||
| runs-on: ubuntu-latest | ||
| continue-on-error: true # Allow graceful failure |
There was a problem hiding this comment.
the commit message says "with failure" but this line seems to specifically not fail in case of error, which I guess is the opposite; do I misunderstand the commit message?
| "INSERT INTO game (name, engine, gameid, extra, platform, language) VALUES (%s, %s, %s, %s, %s, %s)", | ||
| (title, engine_last, gameid, extra, platform, lang), | ||
| ) | ||
| # Try to get rid of @game_last and pass the variable explicitly instead |
There was a problem hiding this comment.
missing TODO or FIXME or similar? or do I misunderstand this change, or this comment in particular?
| "INSERT INTO game (name, engine, gameid, extra, platform, language) VALUES (%s, %s, %s, %s, %s, %s)", | ||
| (title, engine_last, gameid, extra, platform, lang), | ||
| ) | ||
| # Try to get rid of @game_last and pass the variable explicitly instead |
There was a problem hiding this comment.
this does not seem related to commit message "Demonstrate enumerate"; should it be a separate commit?
| def normalised_path(name): | ||
| """ | ||
| Converts \ to / in filepaths, to avoid filesystem independent filepath parsing. | ||
| r""" |
There was a problem hiding this comment.
this does not seem related to commit message "Improve logging"; should it be a separate commit?
| logging.basicConfig( | ||
| level=logging.INFO, | ||
| format='[%(levelname)s] %(asctime)s - %(name)s - %(message)s' | ||
| ) |
There was a problem hiding this comment.
all commits should be "atomic" in the sense that they are parsable, buildable, etc.: so changes like 0366f2c "Add missing )" must be squashed (preferably in advance of a PR)
(more about this in ScummVM's Commit Guidelines, discussion about which I'd defer to team members)
There was a problem hiding this comment.
The commits here were a bit messy. The simplest approach would be to squash this entire thing. Not sure how ScummVM team feels about that.
| html += f"<td>{counter}.</td>\n" | ||
| html_code += "<tr>\n" | ||
| html_code += f"<td>{counter}.</td>\n" | ||
| # html += f"<td>{fileset_id}</td>\n" |
There was a problem hiding this comment.
Would it be wise to remove or adjust [old] commented code like # html += f"<td>{fileset_id}</td>\n" as well?
(edit: i wrote "unsafe" but that might not be the case here; thus this comment has very little meaning)
There was a problem hiding this comment.
I see no reason why it couldn't be removd.
| from src.scripts.db_functions import ( | ||
| insert_game, | ||
| get_all_related_filesets, | ||
| convert_log_text_to_links, |
There was a problem hiding this comment.
It's a fine change, but moving the convert_log_text_to_links function is not described by commit message "Try to remove XSS from fileset"; should this be a separate commit?
There was a problem hiding this comment.
Probably. I had moved it as part of doing the XSS sanitization.
|
It concerns me a little that we need to worry about escaping many strings in many places to inject into HTML, with the potential to forget doing it anywhere and thus to introduce a security issue. In the interest of making it easier to write safe code, what if we don't write raw HTML, but instead manipulate HTML via some library, something like (Edit: I haven't analyzed attack surface. Maybe it's all a non-issue because sensitive code is only on privileged code paths where we trust what's being injected) |
Yes, an accurate observation. Really, I'd think the ideal way is that each web endpoint should have three function calls in it:
Unfortunately, this code currently generates the raw HTML (yay for server side rendering!) and so we need to do the sanitization ourselves. I simply do not have the time to restructure everything. |
2 participants
No description provided.